Case Study: Metabolic Maintenance

Platformr Foundation:

• Set up an AWS Landing Zone to include AWS Control Tower, service control policies (SCPs), AWS Organizational Units, centralized logging, and centralized security with AWS Security Hub
• Implemented central networking solution (hub-spoke model) to allow for an on-prem to cloud connection with AWS Transit Gateway, AWS Route tables, VPC endpoints and a client VPN connection
• Improved security posture and made it easier to manage AWS users and contractors by incorporating AWS Identity Center and AWS IAM user management
• Eliminated security vulnerabilities by enforcing centralized root user management and deleting out root user credentials
• For Infrastructure as Code (IaC), followed the principles of a Security Reference Architecture (SRA) to establish secure boundaries and delegate responsibilities
• Isolated AWS account workloads as a best practice for enhancing security and operational efficiency in cloud environments (grouping AWS resources and workloads into separate AWS accounts based on their functionality and security requirements)
• Deployed budgets at the AWS Organization, workload, and account level with alerts
• Deployed AWS supported Well-Architected lenses
• Leveraged AWS Cost Explorer to gather data and visualize AWS costs and usage over time for increased visibility and improved cost management
• Set up tags for cost reporting
• Set up backup and availability based on business requirements

Workload Factory:

• Set up a secure connection with a VPN
• Created separate development environments (Development, Testing, Staging, Production)
• Established a Disaster Recovery environment to meet customer requirements

Observability:

• Set up alarms to notify company on health metrics using Amazon CloudWatch, Amazon EventBridge, and Amazon Simple Notification Service (SNSs